AccuWeather iPhone app caught sending user location data, even when location sharing is off

Popular weather app AccuWeather has been caught sending geolocation data to a third-party data monetization firm, even when the user has switched off location sharing.

Security researcher Will Strafach published a warning about the popular weather app’s behavior on Medium and users appear to be paying attention.

Will Strafach intercepted the traffic from an iPhone running the latest version of AccuWeather and its servers and found that even when the app didn’t have permission to access the device’s precise location, the app would send the Wi-Fi router name and its unique MAC address to the servers of data monetization firm Reveal Mobile every few hours. That data can be correlated with public data to reveal an approximate location of a user’s device.

RevealMobile appears to specialize in mobile revenue and leveraging location data for ad targeting. “The value lies in understanding the path of a consumer and where they go throughout the day,” the company explains in a blog post on its homepage. “Traveling from home to work to retail to soccer practice to dinner is vital to knowing the customer, and represents the new opportunity of mobile location data.”

“In the future, AccuWeather plans to use data through Reveal Mobile for audience segmentation and analysis, to build a greater audience understanding and create more contextually relevant and helpful experiences for users and for advertisers,” said David Mitchell, AccuWeather’s executive vice president of emerging platforms.

But while AccuWeather’s privacy says that the company and its partners may use geolocation tracking technologies, its privacy policy doesn’t specifically state that this data will be used for advertising.

%d bloggers like this: